Webinar recording — Preparing for SHAKEN in Canada

The recording, slides, and questions/answers from our recent webinar, Preparing for SHAKEN in Canada, are now available.

CRTC Decision 2021-123 requires all Canadian Telephone Service Providers (TSPs) to:

  • Submit a SHAKEN Implementation Readiness Assessment Report by 31 August 2021
  • Implement STIR/SHAKEN for IP-based voice calls by 30 November 2021.

This webinar is a practical tutorial to help you prepare your SHAKEN readiness report and deploy SHAKEN. In addition, this webinar gives you the latest information on new developments, emerging risks, and cross-border SHAKEN issues that will impact Canadian TSPs.

Here are the slides used in the webinar presentation.

We’ve summarized and consolidated questions we received during the webinar and provided answers here. Contact us if you have further questions.

  • Questions and answers
    Please clarify current situation wih attestation of diverted calls (call come from another operator)
    When a call is diverted, the called number in the SHAKEN PASSporT will not match the called number. SHAKEN verification will fail. The DIV PASSporT solves this problem by adding another PASSporT with the new called number at the point where the diversion takes place.
    Can you define what is a service provider with access to telephone numbers? Are they the companies like Twilio, Telnyx, etc. that sell sip trunks to resellers. Or do they include the resellers?
    Access to telephone numbers means a telephone service provider that can get numbers assigned to them. Many TSPs provide origination and termination service to customers who use numbers that were assigned to another telephone number provider. Under current CRTC rules, such providers cannot participate in SHAKEN in Canada. This rule was changed in the U.S., and Mitel has petitioned the CRTC to change it in Canada as well.
    Is cross-border included in the current SHAKEN standard? Are the root certs currently exchanged between the US and Canada?
    Cross-border is defined in two ATIS technical reports, ATIS-87 and ATIS-91. Neither are currently implemented by a country’s Policy Administrator. A service provider could merge lists of approved Certificate Authorities. We described this in a blog post here.
    Are other US certificate authorities known to also currently manually add Canadian root certs to their trust list?
    We are not aware of any CAs doing this. We do this for our SHAKEN customers, but not in our CA capacity. It’s something that a service provider would do, not a CA.
    Considering a large amount of calls are going over TDM, the verified check mark will give an unfair advantage to the some carriers where the end-to-end call is IP.
    Yes, this is true. Looking at robocall mitigation certification filings in the U.S., it seems some service providers are implementing SHAKEN, even though they might be eligible for an extension, for this reason.
    How do we add an attestation outside a passport? What does the header look like?
    This is called tagging. It can be implemented using the P-Asserted-Identity header field.
    Does TransNexus have plans to become a Certificate Authority in Canada? (Since you are a certificate authority in USA.)
    Not at this time. If the Canadian SHAKEN governance authority invites more CAs, we will evaluate the situation at that time.
    We do not have access to numbers. We are neither a CLEC or a WSP. We transit long distance calls that originate over TDM (in some cases MF - inband signalling) from the LEC on long distance tandem trunks (get ANI which we send as clid). We transit the calls over SIP to carriers in the US who are requiring SHAKEN (They are asking for it even on numbers originating from Canada - which you said isn’t technically required). Additionally, your presentation has brought to light that Canadian numbers may be even LESS trusted due to robocallers using our numbers to originate calls. Unfortunately we are unable to get a token from the CSTGA. What to do?
    You may wish to lobby the CRTC to allow TSPs without access to numbers to participate in SHAKEN. By way of example, the governance authority in the U.S. announced in November 2020 that they were changing this requirement. This spurred Mitel to file a Part 1 application with the CRTC (this link downloads a ZIP file from the CRTC website with Mitel’s filing in a PDF document) in December 2020 to urge them to do the same in Canada. The CRTC hasn’t issued a decision yet.
    When are you planning on implementing div headers? What happens if you add a div passport to a calling without an original passport?
    Diversion header support is on our product roadmaps. We’re waiting for it to be supported. A div PASSporT should not be added to a call without an original SHAKEN PASSporT. If that were attempted, the call would fail verification.
    Actually the http/rest interface does not support the div passport. It’s only supported over SIP.
    This is correct. However, there is a draft update to ATIS-82 that supports DIV in the HTTP/REST interface.
    CST-GA was suppose to make soon announcement about changes to the rules to become eligible (like remove the requiremet to have access to telephone numbers as in USA). Have you heard any update about this?
    Not yet. We’re watching the CRTC closely for an announcnement.
    Is the extension of SHAKEN to TDM mandated by FCC (or CRTC) at this time?
    The FCC has stated that they will reconsider waiving the non-IP extension when a solution, such as Out-of-Band SHAKEN, is (1) established in the standards, and (2) commercially available. Draft standards have been under discussion for years. An official standard has been developed this year and is currently in letter ballot.
    The CRTC has been briefed on Out-of-Band SHAKEN and is aware of it, but they have not mentioned it in official announcements.
    Since div passport is not here yet, how US opco’s handle diverted calls?
    Currently, a diverted call will fail SHAKEN verification. The DIV standard is approved, but it has not been widely implemented yet. It’s an important part of the solution, and we expect it to be widely adopted quickly. Just has’s happened yet.
    We only have TDM interfaces to up stream providers (Bell) so there is currently no standard solution that is commercially available to us? Will all our calls be rejected than in Canada and across the border?
    We believe that Out-of-Band SHAKEN is a great solution for your situation. It is commercially available in our software products. In foreseeable future, your unsigned calls will not be rejected. As SHAKEN becomes more widespread, however, the call completion rate on unsigned calls will decrease.
    How will ATIS specification/report evolve in relation to 3GPP IMS/SIP specifications. Will both path converge?
    These standards bodies attempt to make these specifications converge.
Man at computer


  • Review of SHAKEN regulations
  • Implementation Readiness Assessment Report
  • New robocall risks for Canadians
  • SHAKEN implementation
  • SHAKEN for TDM
  • Cross-border SHAKEN
  • Questions and answers

TransNexus solutions

We offer STIR/SHAKEN solutions in our ClearIP and NexOSS software platforms. In addition, we help service providers with all aspects of STIR/SHAKEN deployment.

Contact us today to learn more.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.